Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp3637773pxj;
        Tue, 1 Jun 2021 09:40:49 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJywm0sp+NJ3NxgPfXi8pl4GJLGas3gMQt4pXYuyDJdB5F1aGh/W3z1PUXymkq5MPXHlAupq
X-Received: by 2002:aa7:c359:: with SMTP id j25mr33032513edr.171.1622565648789;
        Tue, 01 Jun 2021 09:40:48 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1622565648; cv=none;
        d=google.com; s=arc-20160816;
        b=sGNpE9MkUMluypE4Udg2TMEUxMQNn4Fj29r6vmh/d6SmE3AWcsO3X67nR1HALXlf7g
         vmo72CtPxSNCv7geZkD1hA1nSZ6A5Y5vQdqnMwgT5MXebolouhBDfqvgcmleeRwH7KkF
         F+4ba5qgPW+srrvKckhUuTzUGT6AGDUxG3B7tkoHNv8wd684xg8ZRs2P1zhvkZCRBCR0
         oTooJ6yQyOWu8QAMHaoEswlpwtbTy3V+XMjTdO78118cgTPAG5fhht+n4ogWixxO/MaB
         ebK4hHoQ55KwI/aKbKeneLY/R2XSurn3uemjKzx62zwU7gfSj4tsfnqTXt4iYG2r0drv
         cbLg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from;
        bh=IQNaXHfilYzxA/6j6SOBhCnzHv8K1K5e2lUhNJrP+L8=;
        b=HIEWtlyS/izhuiQ6xKp2FPB1RBJYxiIZLsy96GPkjoG804xBPVsNp0sWP+Zh2DD8Bz
         NU76eEu/hr5N3QFjrD82aei97kbtxTHjVYwChlsclJlvDz/XLzqhViQgXpX32SI/8TY7
         7gd18/gVJTleSfr4hCY9oCLkTeb3OUHMQvpgHGDUyY4sBIHy3WlH0uMTGiFA4E674evr
         duBuwUcR12UD9kw20V18qEe8bFsggoLvualOJLWCjhasYHMOq1YpzgEjZCY0xVdpF32l
         KlsYzr/H0kW8nA1T2EnNnDYKD+IUAgBintVLiT0wyNUAOdgkWnZ6nSjsufVVqW8ZwnBV
         En7g==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ispras.ru
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id r17si11469090edq.54.2021.06.01.09.40.24;
        Tue, 01 Jun 2021 09:40:48 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ispras.ru
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S234562AbhFAQjt (ORCPT <rfc822;lukasz.wituch.linux@gmail.com>
        + 99 others); Tue, 1 Jun 2021 12:39:49 -0400
Received: from mail.ispras.ru ([83.149.199.84]:34774 "EHLO mail.ispras.ru"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S230288AbhFAQjs (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 1 Jun 2021 12:39:48 -0400
Received: from hellwig.intra.ispras.ru (unknown [10.10.2.182])
        by mail.ispras.ru (Postfix) with ESMTPS id 29B9E40755C5;
        Tue,  1 Jun 2021 16:38:03 +0000 (UTC)
From:   Evgeny Novikov <novikov@ispras.ru>
To:     Nehal Shah <nehal-bakulchandra.shah@amd.com>
Cc:     Evgeny Novikov <novikov@ispras.ru>,
        Sandeep Singh <sandeep.singh@amd.com>,
        Jiri Kosina <jikos@kernel.org>,
        Benjamin Tissoires <benjamin.tissoires@redhat.com>,
        linux-input@vger.kernel.org, linux-kernel@vger.kernel.org,
        ldv-project@linuxtesting.org
Subject: [PATCH] AMD_SFH: Fix potential NULL pointer dereference
Date:   Tue,  1 Jun 2021 19:38:01 +0300
Message-Id: <20210601163801.17848-1-novikov@ispras.ru>
X-Mailer: git-send-email 2.26.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

devm_add_action_or_reset() can suddenly invoke amd_mp2_pci_remove() at
registration that will cause NULL pointer dereference since
corresponding data is not initialized yet. The patch moves
initialization of data before devm_add_action_or_reset().

Found by Linux Driver Verification project (linuxtesting.org).

Signed-off-by: Evgeny Novikov <novikov@ispras.ru>
---
 drivers/hid/amd-sfh-hid/amd_sfh_pcie.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/drivers/hid/amd-sfh-hid/amd_sfh_pcie.c b/drivers/hid/amd-sfh-hid/amd_sfh_pcie.c
index ddecc84fd6f0..8394565c4d01 100644
--- a/drivers/hid/amd-sfh-hid/amd_sfh_pcie.c
+++ b/drivers/hid/amd-sfh-hid/amd_sfh_pcie.c
@@ -160,11 +160,16 @@ static int amd_mp2_pci_probe(struct pci_dev *pdev, const struct pci_device_id *i
 		rc = pci_set_dma_mask(pdev, DMA_BIT_MASK(32));
 		return rc;
 	}
+
+	rc = amd_sfh_hid_client_init(privdata);
+	if (rc)
+		return rc;
+
 	rc = devm_add_action_or_reset(&pdev->dev, amd_mp2_pci_remove, privdata);
 	if (rc)
 		return rc;
 
-	return amd_sfh_hid_client_init(privdata);
+	return 0;
 }
 
 static const struct pci_device_id amd_mp2_pci_tbl[] = {
-- 
2.26.2